At 06:42 AM 7/20/2006, ghen@telenet.be wrote:
>On Wed, Jul 19, 2006 at 08:25:29AM -0700, Kurt D. Zeilenga wrote:
>> The behavior is as intended. While certainly it is "possible"
>> to redesign this code, I don't think it sensible to do so.
>
>If this behaviour is intended, then what is the benefit of doing
>it this way? Could you give a little more detail please?
In short, the sooner one chroot/drops root the better (for
security). For a long answer, read up on providing security
through these calls and then review the developer list
archives of discussions regarding appropriate placement
of these calls.
Kurt